melkorm 🏂❄️

If your are interested in why VictoriaLogs is so efficient and fast, then take a look into these slides about VictoriaLogs architecture internals - docs.google.com/presentation/d…

I'm running a semi-unplanned sale: iximiuz Labs membership is 50% off (plus the traditional PPP discount). The sale is mainly to keep iximiuz Labs afloat during the summer slowdown. But this same slowdown is one of the best times of the year to fill the knowledge gaps. So it's a good opportunity to go deeper into Linux, containers, and Kubernetes through our hands-on labs, and also support the platform. And to express my appreciation, I'll match each purchase of an annual or lifetime membership with a year of free premium access for anyone who cannot afford the subscription. Ping me on Discord if you're in a tough spot or if you need a voucher code for a friend (the link is on the site - labs[.]iximiuz[.]com) Happy learning!

I strongly believe there are entire companies right now under heavy AI psychosis and its impossible to have rational conversations about it with them. I can't name any specific people because they include personal friends I deeply respect, but I worry about how this plays out. I lived through the great MTBF vs MTTR (mean-time-between-failure vs. mean-time-to-recovery) reckoning of infrastructure during the transition to cloud and cloud automation. All those arguments are rearing their ugly heads again but now its... the whole software development industry (maybe the whole world, really). It's frightening, because the psychosis folks operate under an almost absolute "MTTR is all you need" mentality: "its fine to ship bugs because the agents will fix them so quickly and at a scale humans can't do!" We learned in infrastructure that MTTR is great but you can't yeet resilient systems entirely. The main issue is I don't even know how to bring this up to people I know personally, because bringing this topic up leads to immediately dismissals like "no no, it has full test coverage" or "bug reports are going down" or something, which just don't paint the whole picture. We already learned this lesson once in infrastructure: you can automate yourself into a very resilient catastrophe machine. Systems can appear healthy by local metrics while globally becoming incomprehensible. Bug reports can go down while latent risk explodes. Test coverage can rise while semantic understanding falls. Changes happens so fast that nobody notices the underlying architecture decaying. I worry.

✨ Shipped Tailwind CSS v4.3! 📜 New scrollbar utilities 🔍 New zoom utilities ⇥ New tab-size utilities ...plus a bunch of other little stuff 🎁 tailwindcss.com/blog/tailwindc…

TL;DR for open-source maintainers 🚫 NEVER use "pull_request_target" workflows 🚫 NEVER use shared caches in your publish pipeline Combining these 2 in particular is extremely dangerous I've repeated this countless times over the years, but another reminder is always useful

just in case, a reminder: LWLock:LockManager trouble is not scary anymore – you just need: - to upgrade to PG18+ - and raise max_locks_per_transaction

SECURITY ADVISORY — TanStack npm packages A supply-chain compromise affecting 42 @tanstack/* packages (84 versions total) was published to npm earlier today at approximately 19:20 and 19:26 UTC. Two malicious versions per package. Status: ACTIVE — packages are deprecated, npm security engaged, publish path being shut down. Severity: HIGH — payload exfiltrates AWS, GCP, Kubernetes, and Vault credentials, GitHub tokens, .npmrc contents, and SSH keys. If you installed any @tanstack/* package between 19:20 and 19:30 UTC today, treat the host as potentially compromised: • Rotate cloud, GitHub, and SSH credentials immediately • Audit cloud audit logs for the last several hours • Pin to a prior known-good version and reinstall from a clean lockfile Detection — the malicious manifest contains: "optionalDependencies": { "@tanstack/setup": "github:tanstack/router#79ac49ee..." } Any version with this entry is compromised. The payload is delivered via a git-resolved optionalDependency whose prepare script runs router_init.js (~2.3 MB, smuggled into each tarball at the package root). Unpublish is blocked by npm policy for most affected packages due to existing third-party dependents. All 84 versions are being deprecated with a SECURITY warning, and npm security has been engaged to pull tarballs at the registry level. Full technical breakdown, complete package and version list, and rolling status updates: github.com/TanStack/route… Credit to the security researcher for responsible disclosure.

them: but Vivaldi, what the hell is a Follower Tab? me: Follower Tab? Oh, it's just the handiest feature to keep your research tidy, wether that's for academic or shopping purposes 😎 youtu.be/RIxaXHdFX_s

Podman - a Daemonless Docker Alternative 🛠️ Podman is a container runtime that "mimics" Docker for the key commands (run, exec, kill, etc.) but uses a daemonless architecture under the hood. This approach has its upsides (e.g., fewer moving parts, simpler rootless setup) and downsides (e.g., without a daemon, some container operations require extra help from systemd). I put together a couple of hands-on challenges in case you want to give Podman a shot and compare it with Docker: - Start and Inspect a Container With Podman labs.iximiuz.com/challenges/sta… - Make a Podman Container Restart Automatically On Reboot labs.iximiuz.com/challenges/pod… - Start and Inspect a Container With Docker (for comparison) labs.iximiuz.com/challenges/sta…

Jolanta Brzeska była starszą kobietą i jedną z najbardziej znanych ofiar afery reprywatyzacyjnej. Zginęła w niewyjaśnionych, do dziś budzących wiele pytań okolicznościach. Obejrzyj materiał Marii Wiernikowskiej na Kanale Zero.

Due to popular demand from the internet, we renamed our MinIO-like open-source project to Tigerblock! Tigerblock is a Go package and CLI to use and serve S3-compatible object store APIs. If you've used MinIO for development before, Tigerblock should solve for most of your use cases. Give it a try and let me know what you think!

Tired of the pain yet? Come to GitLab and take back control of your destiny. I’ll even throw in the first year free for anyone switching from GitHub who signs a new three year agreement. DM me

@MarioNawfal Poland is the best country. Polish people they are fighter!

@MarioNawfal Love when people use their platform for good :)

To kick off the day, I’d like to remind you about the game Polanie. It’s a game from 1996, created in an amateur setting by a group of students from a Polish university. It’s kind of like our own Polish Warcraft 😎

Nie no ludzie kochani - najkorzystniejsza oferta Mirbud i Torpol na realizację Rail Baltica została wykluczona z przetargu przez karę 15 tys. zł, którą Mirbud dostał kilka lat temu. To spowodowało spiralę kolejnych problemów i groźbe utraty dla Polski dofinansowania UE na 3 MILIARDY zł. A teraz okazuje się, że kara 15 tys. zł była nałożona niesłusznie🤡 Rozumiecie? Urzędnicy wpierw wywalili Mirbud i wybrali o 400 mln droższą ofertę Budimexu (wszystko przez 15 tys zł kary!!), następnie wywalili Budimex i teraz cała budowa Rail Baltica jest w jednym wielkim chaosie, a na koniec okazuje się, że pierwotna kara 15 tys. zł była nałożona niesłusznie. Gdzie my żyjemy? Ci urzędnicy powinni zostać z automatu wywaleni - Rail Baltica stoi, Polska może stracić 3 miliardy złotych, a winnych znów brak

Good news, everyone! We all just got extremely lucky because Omkar Shelke dropped a dozen CKA/CKAD-styled Kubernetes scenarios on iximiuz Labs 🎉 I've already solved all of them, and they are dope - go check them out! - Set ConfigMap Environment Variables in a Pod labs.iximiuz.com/challenges/usi… - Perform In-Place Updates on a Kubernetes Deployment labs.iximiuz.com/challenges/Per… - Inspecting and Extracting Kubernetes Kubeconfig Data labs.iximiuz.com/challenges/ins… - Diagnosing and Fixing DaemonSet Placement Across All Nodes labs.iximiuz.com/challenges/dia… - Set and Use Secrets in a Kubernetes Deployment labs.iximiuz.com/challenges/Con… - Bootstrapping Pod Networking with Calico labs.iximiuz.com/challenges/boo… - Hardening Docker Containers Using gVisor Runtime labs.iximiuz.com/challenges/har… - Place One Pod per Node Without Using a DaemonSet labs.iximiuz.com/challenges/pla… - Launching the Headlamp Kubernetes Dashboard with Helm labs.iximiuz.com/challenges/lau… - Multi-Container Pod Security Design labs.iximiuz.com/challenges/sec… - Extracting and Decoding ServiceAccount Token from Kubernetes Secret labs.iximiuz.com/challenges/ext… And since these are Kubernetes challenges, solving them the visual way is double fun 👇